CVE Daily

CVE-2025-8865

The YugabyteDB tablet server contains a flaw in its YCQL query handling that can...

Medium CVSS 4.1

Overview

The YugabyteDB tablet server contains a flaw in its YCQL query handling that can trigger a null pointer dereference when processing certain malformed inputs. An authenticated attacker could exploit this issue to crash the YCQL tablet server, resulting in a denial of service.

CWE: CWE-476 Published: 2025-08-11T15:15:29.203
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 4.1 (MEDIUM)
  • Detected tags: dos (tag impact: LOW)

Recommended actions:

  • Rate limiting, resource quotas and circuit breakers.

Recommended tools

Tags